General
Target: 18106a3e4dc0919534f3d944dc1b13849a906dcb4294d9c1b3590055578edd19
Size: 122KB
Sample: 221120-lbyvtafe78
MD5: 4b684c5f7ea1de6143d73e586f9529d0
SHA1: ea5dcf773cac8b546cb19012fd515da5083e56d3
SHA256: 18106a3e4dc0919534f3d944dc1b13849a906dcb4294d9c1b3590055578edd19
SHA512: 422d7b8977359f8c2d66ff4ce07c73b915efb63ecdef201cde1968fde67753aadffbd02fa4a6f0d94f59ef7f1496768df937f09b676d97fa46ab54d79dfcc712
SSDEEP: 3072:CjOer6cEmf/49va0TyZFcdmhYwxTS/o6:WOehE7Za0GgeYwxTS/o6
Static task: static1
Behavioral task: behavioral1
Sample: 18106a3e4dc0919534f3d944dc1b13849a906dcb4294d9c1b3590055578edd19.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 18106a3e4dc0919534f3d944dc1b13849a906dcb4294d9c1b3590055578edd19.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
pony
http://mail.yaklasim.com:8080/ponyb/gate.php
http://reubenpacheco.com/ponyb/gate.php
http://plasticsurgeonnewsletters.com/ponyb/gate.php
http://whatcausesyeastinfectionsinwomen.com/ponyb/gate.php
-
payload_url
http://000023p.rcomhost.com/En3.exe
http://embeddedcoaching.org/gkn6Njtq.exe
http://faithbibleweb.org/i2UFx.exe
http://grandns.net/ZaavGm.exe
Targets
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-